Hardware-based DLAS: Achieving geo-location guarantees for cloud data using TPM and Provable Data Possession

Recently the lack of geo-location assurance of data in cloud storage has been identified as one of the main reasons why organizations that deal with sensitive data (e.g., financial data, health related data) cannot adopt a cloud storage solution even if they want to. In this paper, we present a Hardware-based Data geo-Location Assurance Solution (HDLAS), which is suitable for almost all cloud storage applications available today. Trusted Platform Module (TPM) and a cryptographic scheme called Provable Data Possession (PDP) are the basis of our solution. We define a new attack model for HDLAS which seems to be a realistic attack model for the existing cloud storage applications. With the combination of a GPS receiver and TPM, HDLAS is able to offer its clients not only the accurate geo-location of their data but also a hardware-based root of trust for that. Unlike many existing solutions, HDLAS works even if a piece of data is replicated into different storage servers. Furthermore we also illustrate how easily HDLAS can be adopted in existing Cloud Storage Providers such as Microsoft Azure.